I-TLB property bits | Decoded ISA | Decoded CC | Protected | Interpretation | Instructions sei… | Collect profile trace-packet | Probe for translated code | I/O memory reference exceptions
------------------- | ----------- | ---------- | --------- | -------------- | ----------------- | ---------------------------- | ------------------------- | -------------------------------
00 | Tap | Tap | no  | Native code observing native RISCy calling conventions | Native decoder   | No         | No | Fault if SEG.tio
01 | Tap | x86 | no  | Native code observing x86 calling conventions          | Native decoder   | No         | No | Fault if SEG.tio
10 | x86 | x86 | no  | x86 code, unprotected - TAXI profile collection only   | x86 HW converter | If enabled | No | Trap if profiling
11 | x86 | x86 | yes | x86 code, protected - TAXI code may be available       | x86 HW converter | If enabled | Based on I-TLB probe attributes | Trap if profiling

Significance of the I-TLB property bits



Transition (source => dest) ISA & CC property values | Handler Action
---------------------------------------------------- | --------------
00 => 00 | No transition exception
00 => 01 | VECT_xxx_X86_CC exception - handler converts from native to x86 conventions
00 => 1x | VECT_xxx_X86_CC exception - handler converts from native to x86 conventions, sets up expected emulator and profiling state
01 => 00 | VECT_xxx_TAP_CC exception - handler converts from x86 to native conventions
01 => 01 | No transition exception
01 => 1x | VECT_X86_ISA exception [conditional based on PCW.X86_ISA_ENABLE flag] - sets up expected emulator and profiling state
1x => 00 | VECT_xxx_TAP_CC exception - handler converts from x86 to native conventions
1x => 01 | VECT_TAP_ISA exception [conditional based PCW.TAP_ISA_ENABLE flag] - no convention conversion necessary
1x => 10 | No transition exception - [profile complete possible, probe possible]
1x => 11 | No transition exception - [profile complete possible, probe NOT possible]

ISA & CC transition exception flow





name | description | type
---- | ----------- | ----
VECT_call_X86_CC      | push args, return address, set up x86 state    | fault on target instruction
VECT_jump_X86_CC      | set up x86 state                               | fault on target instruction
VECT_ret_no_fp_X86_CC | return value to eax:edx, set up x86 state      | fault on target instruction
VECT_ret_fp_X86_CC    | return value to x86 fp stack, set up x86 state | fault on target instruction
VECT_call_TAP_CC      | x86 stack args, return address to registers    | fault on target instruction
VECT_jump_TAP_CC      | x86 stack args to registers                    | fault on target instruction
VECT_ret_no_fp_TAP_CC | return value to RV0                            | fault on target instruction
VECT_ret_any_TAP_CC   | return type unknown, setup RV0 and RVDP        | fault on target instruction

CC transition exceptions




Flat 32-bit "Near" Address Space

Transparency:
 . x86 code adheres to traditional x86 stack-based conventions
 . RISC uses higher performance register-based conventions
 . Caller has no knowledge of callee's ISA
 . Callee has no knowledge of ISA to which it will return

Flat 32-bit "Near" Address Space (call diagram)
 . x86 -> RISC transition: map x86 call to RISC
 . RISC -> x86 transition: map x86 return to RISC
 . no ISA transition: no mapping required

Flat 32-bit "Near" Address Space (call diagram)
 . RISC -> x86 transition: map RISC call to x86
 . x86 -> RISC transition: map RISC return to x86
 . no ISA transition: no mapping required

Flat 32-bit "Near" Address Space (call diagram)
 . x86 -> RISC transition: map RISC return to x86
 . RISC -> x86 transition: map RISC call to x86
 . no ISA transition: no mapping required

Flat 32-bit "Near" Address Space (call diagram)
 . RISC -> x86 transition: map x86 return to RISC
 . x86 -> RISC transition: map x86 call to RISC
 . no ISA transition: no mapping required
x86 Preamble: (need not be inline)
    Load register args
    Fill-in RXA (return transfer argument area)

GeneralEntry:
    XD == 0?   (YES / NO)

Native Entry:

NativePreamble: (typically vacuous)
    - Varargs
    - AP for a very big argument list

Function Body:

setupXD: (omit if
    XD <- <descriptor_constant>

RET





X86-to-Tapestry transition exception handler

// This handler is entered under the following conditions:
// 1. An x86 caller invokes a native function
// 2. An x86 function returns to a native caller
// 3. x86 software returns to or resumes an interrupted native function following
//    an external asynchronous interrupt, a processor exception, or a context switch

dispatch on the two least-significant bits of the destination address {
case "00"  // calling a native subprogram
    // copy linkage and stack frame information and call parameters from the memory
    // stack to the analogous Tapestry registers
    LR <- [SP++]        // set up linkage register
    AP <- SP            // address of first argument
    SP <- SP - 8        // allocate return transfer argument area
    SP <- SP & (-32)    // round the stack pointer down to a 0 mod 32 boundary
    XD <- 0             // inform callee that caller uses X86 calling conventions

case "01"  // resuming an X86 thread suspended during execution of a native routine
    if the redundant copies of the save slot number in EAX and EDX do not match or if
       the redundant copies of the timestamp in EBX:ECX and ESI:EDI do not match {
        // some form of bug or thread corruption has been detected
        goto TAPESTRY_CRASH_SYSTEM( thread-corruption-error-code )
    }
    save the EBX:ECX timestamp in a 64-bit exception handler temporary register
        (this will not be overwritten during restoration of the full native context)
    use save slot number in EAX to locate actual save slot storage
    restore full entire native context (includes new values for all x86 registers)
    if save slot's timestamp does not match the saved timestamp {
        // save slot has been reallocated; save slot exhaustion has been detected
        goto TAPESTRY_CRASH_SYSTEM( save-slot-overwritten-error-code )
    }
    free the save slot

case "10"  // returning from X86 callee to native caller, result already in registers
    RV0<63:32> <- edx<31:00>   // in case result is 64 bits
    convert the FP top-of-stack value from 80 bit X86 form to 64-bit form in RVDP
    SP <- ESI                  // restore SP from time of call

case "11"  // returning from X86 callee to native caller, load large result from memory
    RV0..RV3 <- load 32 bytes from [ESI-32]   // (guaranteed naturally aligned)
    SP <- ESI                                 // restore SP from time of call
}

EPC <- EPC & -4   // reset the two low-order bits to zero

Fig. 3h
Tapestry-to-X86 transition exception handler

// This handler is entered under the following conditions:
// 1. a native caller invokes an x86 function
// 2. a native function returns to an x86 caller
switch on XD<3:0> {

XD_RET_FP:                              // result type is floating point
    F0/F1 <- FINFLATE.de( RVDP )        // X86 FP results are 80 bits
    SP <- from RXA save                 // discard RXA, pad, args
    FPCW <- image after FINIT & push    // FP stack has 1 entry
    goto EXIT

XD_RET_WRITEBACK:                       // store result to @RVA, leave RVA in eax
    RVA <- from RXA save                // address of result area
    copy decode(XD<8:4>) bytes from RV0..RV3 to [RVA]
    eax <- RVA                          // X86 expects RVA in eax
    SP <- from RXA save                 // discard RXA, pad, args
    FPCW <- image after FINIT           // FP stack is empty
    goto EXIT

XD_RET_SCALAR:                          // result in eax:edx
    edx<31:00> <- eax<63:32>            // in case result is 64 bits
    SP <- from RXA save                 // discard RXA, pad, args
    FPCW <- image after FINIT           // FP stack is empty
    goto EXIT

XD_CALL_HIDDEN_TEMP:                    // allocate 32 byte aligned hidden temp
    esi <- SP                           // stack cut back on return
    SP <- SP - 32                       // allocate max size temp
    RVA <- SP                           // RVA consumed later by RR
    LR<1:0> <- "11"                     // flag address for return & reload
    goto CALL_COMMON

default:                                // remaining XD_CALL_xxx encodings
    esi <- SP                           // stack cut back on return
    LR<1:0> <- "10"                     // flag address for return
CALL_COMMON:
    interpret XD to push and/or reposition args
    [--SP] <- LR                        // push LR as return address

EXIT:
    setup emulator context and profiling ring buffer pointer
}

RFE   // to original target

Fig. 3i
interrupt/exception handler of Tapestry operating system:

// Control vectors here when a synchronous exception or asynchronous interrupt is to be
// exported to / manifested in an x86 machine.

// The interrupt is directed to something within the virtual X86, and thus there is a possibility
// that the X86 operating system will context switch. So we need to distinguish two cases:
// either the running process has only X86 state that is relevant to save, or
// there is extended state that must be saved and associated with the current machine context
// (e.g., extended state in a Tapestry library call in behalf of a process managed by X86 OS)
if execution was interrupted in the converter - EPC.ISA == X86 {
    // no dependence on extended/native state possible hence no need to save any
    goto EM86_Deliver_Interrupt( interrupt-byte )
} else if EPC.Taxi_Active {
    // A Taxi translated version of some X86 code was running. Taxi will rollback to an
    // x86 instruction boundary. Then, if the rollback was induced by an asynchronous external
    // interrupt Taxi will deliver the appropriate x86 interrupt. Else, the rollback was induced
    // by a synchronous event so Taxi will resume execution in the converter, retriggering the
    // exception but this time with EPC.ISA == X86
    goto TAXi_Rollback( asynchronous-flag, interrupt-byte )
} else if EPC.EM86 {
    // The emulator has been interrupted. In theory the emulator is coded to allow for such
    // conditions and permits re-entry during long running routines (e.g. far call through a gate)
    // to deliver external interrupts
    goto EM86_Deliver_Interrupt( interrupt-byte )
} else {
    // This is the most difficult case - the machine was executing native Tapestry code on
    // behalf of an X86 thread. The X86 operating system may context switch. We must save
    // all native state and be able to locate it again when the x86 thread is resumed.
    allocate a free save slot; if unavailable free the save slot with oldest timestamp and try again
    save the entire native state (both the X86 and the extended state)
    save the X86 EIP in the save slot
    overwrite the two low-order bits of EPC with "01" (will become X86 interrupt EIP)
    store the 64-bit timestamp in the save slot, in the X86 EBX:ECX register pair (and,
        for further security, store a redundant copy in the X86 ESI:EDI register pair)
    store the number of the allocated save slot in the X86 EAX register (and, again for
        further security, store a redundant copy in the X86 EDX register)
    goto EM86_Deliver_Interrupt( interrupt-byte )
}

Fig. 3j
typedef struct {
    save_slot_t *   newer;              // pointer to next-most-recently-allocated save slot
    save_slot_t *   older;              // pointer to next-older save slot
    unsigned int64  epc;                // saved exception PC/IP
    unsigned int64  pcw;                // saved exception PCW (program control word)
    unsigned int64  registers[63];      // save the 63 writeable general registers
                                        // other words of Tapestry context
    timestamp_t     timestamp;          // timestamp to detect buffer overrun
    int             save_slot_ID;       // ID number of the save slot
    boolean         save_slot_is_full;  // full / empty flag
} save_slot_t;

save_slot_t *   save_slot_head;         // pointer to the head of the queue
save_slot_t *   save_slot_tail;         // pointer to the tail of the queue

system initialization
    reserve several pages of unpaged memory for save slots

Fig. 3k
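
The save-slot handshake of Figs. 3h, 3j and 3k, as an added C example that is not part of the original document: the handle handed to the x86 side (slot number and timestamp, each stored twice) is validated before any saved context is trusted. The pool size NSLOTS, the counter used as timestamp, the function names and the error codes returned in place of TAPESTRY_CRASH_SYSTEM are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NSLOTS 4   /* assumed pool size; the figures give no number */
enum { RESUME_OK, ERR_THREAD_CORRUPT, ERR_SLOT_OVERWRITTEN };

typedef struct {
    uint64_t timestamp;   /* stamped at allocation; detects slot reuse */
    uint64_t regs[63];    /* saved native context (63 writeable registers) */
    int      full;
} save_slot;

/* x86-visible registers that carry the handle through the x86 OS */
typedef struct { uint32_t eax, edx, ebx, ecx, esi, edi; } x86_regs;

static save_slot slots[NSLOTS];
static uint64_t  clock_now;   /* assumed monotonic timestamp source */

/* Fig. 3j, native-code branch: take a free slot, else evict the oldest. */
int suspend_native(const uint64_t ctx[63], x86_regs *r) {
    int id = 0;
    for (int i = 0; i < NSLOTS; i++) {
        if (!slots[i].full) { id = i; break; }
        if (slots[i].timestamp < slots[id].timestamp) id = i;
    }
    uint64_t ts = ++clock_now;
    slots[id].timestamp = ts;
    memcpy(slots[id].regs, ctx, sizeof slots[id].regs);
    slots[id].full = 1;
    r->eax = r->edx = (uint32_t)id;           /* slot number, stored twice */
    r->ebx = r->esi = (uint32_t)(ts >> 32);   /* timestamp high half, twice */
    r->ecx = r->edi = (uint32_t)ts;           /* timestamp low half, twice */
    return id;
}

/* Fig. 3h, case "01": nothing in the x86 registers is trusted until the
   redundant copies agree and the slot still carries the same timestamp.
   The figure restores first and compares afterwards; this sketch compares
   before copying the context out. */
int resume_native(const x86_regs *r, uint64_t ctx_out[63]) {
    if (r->eax != r->edx || r->ebx != r->esi || r->ecx != r->edi)
        return ERR_THREAD_CORRUPT;
    if (r->eax >= (uint32_t)NSLOTS)   /* bounds check added here, not in the figure */
        return ERR_THREAD_CORRUPT;
    uint64_t ts = ((uint64_t)r->ebx << 32) | r->ecx;
    save_slot *s = &slots[r->eax];
    if (!s->full || s->timestamp != ts)
        return ERR_SLOT_OVERWRITTEN;  /* slot was freed or reallocated */
    memcpy(ctx_out, s->regs, sizeof s->regs);
    s->full = 0;                      /* free the save slot */
    return RESUME_OK;
}

int main(void) {
    uint64_t ctx[63] = { 0xfeedface }, out[63];   /* constructed sample context */
    x86_regs first, r;
    suspend_native(ctx, &first);
    for (int i = 0; i < NSLOTS; i++)
        suspend_native(ctx, &r);                  /* exhausts the pool, evicts slot 0 */
    printf("stale handle  -> %d\n", resume_native(&first, out));
    r.edx ^= 1;                                   /* corrupt one redundant copy */
    printf("corrupt copy  -> %d\n", resume_native(&r, out));
    r.edx ^= 1;
    printf("intact handle -> %d\n", resume_native(&r, out));
    return 0;
}
```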
Prepare x86 excep. or int.
 . Alloc free or oldest save slot
 . Store timestamp & full state
 . x86 regs <- save slot ID, TS
 . EPC<1:0> <- 01

Handler: RISC to x86
  XD contains return-descriptor:
   . Interpret XD:
     - Reformat / reposition result
     - Load FPCW
   . SP <- [SP]   // pop RA & args
  XD contains call-descriptor:
   . ESI <- SP
   . Interpret XD, reposition args
   . LR<1:0> <- 1x per XD
   . Push LR as RA (ret addr)

Handler: x86 to RISC
  EPC<1:0> = 00:
   . LR <- [SP]
   . SP <- SP + 4
   . AP <- SP
   . SP <- SP - 8   // ret area
   . SP <- SP & (-32)
   . XD <- 0
  EPC<1:0> = 01:
   . x86 regs points to save slot
   . Using TS verify no overwrite
   . Restore full state
   . Free save slot
  EPC<1:0> = 1x:
   . Reformat / reposition the function result per EPC<0>
   . SP <- ESI
   . EPC<1:0> <- 00



Flat 32-bit "Near" Address Space: x86 | RISC

x86 preamble
xd <- ret-desc

Handler: RISC to x86
  XD contains return-descriptor:
   . Interpret XD:
     - Reformat / reposition result
     - Load FPSW
   . SP <- [SP]   // pop RA & args
  XD contains call-descriptor:

Handler: x86 to RISC
  EPC<1:0> = 00:
   . LR <- [SP]
   . SP <- SP + 4
   . AP <- SP
   . SP <- SP - 8
   . SP <- SP & (-32)
   . XD <- 0
  EPC<1:0> = 01:
  EPC<1:0> = 1x:
Flat 32-bit "Near" Address Space: x86 | RISC

xd <- call-desc

Handler: RISC to x86
  XD contains return-descriptor:
  XD contains call-descriptor:
   . ESI <- SP
   . Interpret XD, reposition args
   . LR<1:0> <- 1x per XD
   . Push LR as RA (ret addr)

Handler: x86 to RISC
  EPC<1:0> = 00:
  EPC<1:0> = 01:
  EPC<1:0> = 1x:
   . Reformat / reposition the function result per EPC<0>
   . SP <- ESI
   . EPC<1:0> <- 00








7 entry trace packet (diagram labels: page frame X, page frame Z)

Entry | Event Code        | Done Addr   | Next Addr
----- | ----------------- | ----------- | ---------
      | 64 bit time stamp |             |
1     | ret               | x86 context | physXJ
2     | new page          | physY:^     | phys Y:h
3     | jcc forward       | phys Y:i    | phys Y:k
4     | jnz backward      | phys Y:l    | phys X:a
5     | seq; env change   | x86 context | phys X:b
6     | ip-rel near call  | phys X:c    | phys Z:d
7     | near ret          | phys Z:e    | phys X:f



Event code table (Code, Event, flag columns, probe class). The headings of the flag columns are not legible; flag values are listed in page order.

Codes 0.0000 through 0.1111. Events, in page order:
  Default (x86 transparent) event, reuse all converter values
  Simple x86 instruction completion (reuse event code)
  Probe exception failed
  Probe exception failed, reload probe timer
  Sequential; execution environment changed - …
  Far RET
  IRET
  Far CALL
  Far JMP
  Special; emulator execution, supply extra instruction data (a)
  Abort profile collection
  x86 synchronous/asynchronous interrupt w/probe (GRP 0)
  x86 synchronous/asynchronous interrupt (GRP 0)
  x86 synchronous/asynchronous interrupt w/probe (GRP 1)
  x86 synchronous/asynchronous interrupt (GRP 1)
Flag values for these codes, first column: yes yes yes yes no no no no no no no no no no no no
Flag values for these codes, remaining columns: no yes yes yes yes yes yes no yes yes yes yes no no yes no yes yes no no yes yes yes yes no no no yes no no no yes no yes no
Probe classes for these codes: Far call, Emulator probe, Emulator probe

Codes 1.0000 through 1.1111:

Code   | Event | Flag values | Probe class
------ | ----- | ----------- | -----------
1.0000 | IP-relative JNZ forward (opcode: 75, 0F 85) | no yes yes no |
1.0001 | IP-relative JNZ backward (opcode: 75, 0F 85) | no yes yes yes | Jnz
1.0010 | IP-relative conditional jump forward - (Jcc, Jcxz, loop) | no yes yes no |
1.0011 | IP-relative conditional jump backward - (Jcc, Jcxz, loop) | no yes yes yes | Cond jump
1.0100 | IP-relative, near JMP forward (opcode: E9, EB) | no yes yes no |
1.0101 | IP-relative, near JMP backward (opcode: E9, EB) | yes yes yes | Near jump
1.0110 | RET / RET imm16 (opcode C3, C2 /w) | no yes yes no |
1.0111 | IP-relative, near CALL (opcode: E8) | yes yes yes | Near call
1.1000 | REPE/REPNE CMPS/SCAS (opcode: A6, A7, AE, AF) | no yes no |
1.1001 | REP MOVS/STOS/LODS (opcode: A4, A5, AA, AB, AC, AD) | no yes no no |
1.1010 | Indirect near JMP (opcode: FF /4) | no yes yes no |
1.1011 | Indirect near CALL (opcode: FF /2) | no yes yes yes | Near call
1.1100 | load from I/O memory (TLB.asi != 0) [not used in T1] | no yes no no |
1.1101 | IAD w\o | no no |
1.1110 | Default converter event; sequential | no |
1.1111 | New page (instruction ends on last byte of a page frame or straddles across a page frame boundary) | no no yes no no no no |

a. Used by emulator for new x86 opcodes. Extra information supplied in Taxi_Control.special_opcode bits.
Event code / probe logic diagram. Labels:
 . Event Code Latch
 . Event code from RFE restarting converter or mapping of converter's x86 opcode
 . RFE or previous converter cycle
 . Use latched event code
 . RFE Event Decode
 . Clear Taxi_State.pact
 . Probe failed RFE
 . Probe timer reload
 . Next (vis target) page properties from I-TLB
 . Table 3 Event Code
 . Next instruction cycle
 . Initiate Packet
 . Profileable Event
 . Probeable Event
 . Taxi_Control.probe
 . I-TLB protected page property
 . TAXi enabled for current x86 context
 . Taxi_State.pact
 . Probe!
 . Decoded_Probe_Event
 . Probe Mask
 . Probe failed RFE: Clear corresponding Decoded_Probe_Event bit
 . Probe timer reload
 . Timer expired: Set ALL probe mask bits
 . Probe timer



 . As each event occurs during execution of an X86 program in converter 136 or emulator 316, materialize an event code in event code latch 486, 487

 . PLA 650 processes the event code to produce at most one of five classifications of the event, "jnz" 660, "conditional jump" 661, "near jump" 662, "near call" 663, "far call" 664, or "emulator probe" 665

 . The bit 660-665 is ANDed with the probe page properties 624 from TLB 116 and Taxi_State.Probe_Mask 620

 . OR together the products of the ANDs. The sum of the OR represents the predicate "the event code 592 is an event on a page whose probeable event bit is currently enabled in Taxi_State.Probe_Mask 620 and the TLB copy of the PFAT page properties"

 . AND the sum of the OR together with several machine context predicates to see if this is a probeable event

 . Consult the bit vector to verify that the probeable event is in an address range with a corresponding translated code segment

 . Execute a TAXi instruction to materialize a Context_At_Point entry describing the current machine state, to supply arguments to the probe exception handler

 . Deliver a probe exception to transfer control to the software exception handler

 . Probe PIPM 602 for an entry 640 corresponding to the address of the target of the event

 . was a PIPM entry found?

 . Evaluate/verify the preconditions from integer portion 686 of PIPM 602 entry 640

 . Evaluate/verify the preconditions from floating-point portion 688 of PIPM 602 entry 640, and if mismatching, unload floating-point context and reload it to conform to PIPM

 . Transfer control to the TAXi translated native code
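
The hardware half of this flow (classify the event, AND with the page's probe properties and Taxi_State.Probe_Mask, then gate on machine context), as an added C example that is not part of the original document. The bit order of the classes, the encoding of code "1.xxxx" as 0x10 | xxxx, the three context predicates chosen, and the reading of "Probe failed RFE" as clearing the mask bit of the failing class are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* One bit per probe-event class named in the flowchart (bit order assumed). */
enum { CLS_JNZ = 1, CLS_COND_JUMP = 2, CLS_NEAR_JUMP = 4,
       CLS_NEAR_CALL = 8, CLS_FAR_CALL = 16, CLS_EMU_PROBE = 32, CLS_ALL = 63 };

typedef struct {
    uint8_t probe_mask;     /* Taxi_State.Probe_Mask */
    int     probe_enabled;  /* Taxi_Control.probe */
    int     taxi_enabled;   /* TAXi enabled for current x86 context */
} taxi_state;

/* Stand-in for the PLA. Only the rows of the event table's second half that
   carry a probe class are listed; every other code yields no class bit. */
uint8_t classify_event(uint8_t code) {
    switch (code) {
    case 0x11: return CLS_JNZ;         /* 1.0001 IP-relative JNZ backward */
    case 0x13: return CLS_COND_JUMP;   /* 1.0011 conditional jump backward */
    case 0x15: return CLS_NEAR_JUMP;   /* 1.0101 near JMP backward */
    case 0x17:                         /* 1.0111 IP-relative near CALL */
    case 0x1b: return CLS_NEAR_CALL;   /* 1.1011 indirect near CALL */
    default:   return 0;
    }
}

/* AND the class bit with the page's probe properties and the probe mask,
   OR the products (any surviving bit), then AND with the context predicates. */
int is_probeable(const taxi_state *s, uint8_t code,
                 uint8_t page_probe_props, int page_protected) {
    uint8_t hit = classify_event(code) & page_probe_props & s->probe_mask;
    return hit != 0 && s->probe_enabled && page_protected && s->taxi_enabled;
}

/* Probe failed RFE: stop probing on this class until the timer reloads. */
void probe_failed(taxi_state *s, uint8_t code) {
    s->probe_mask &= (uint8_t)~classify_event(code);
}

/* Timer expired: set ALL probe mask bits. */
void probe_timer_expired(taxi_state *s) {
    s->probe_mask = CLS_ALL;
}

int main(void) {
    taxi_state s = { CLS_ALL, 1, 1 };
    uint8_t page = CLS_JNZ | CLS_NEAR_CALL;   /* constructed page properties */
    printf("jnz backward, fresh mask : %d\n", is_probeable(&s, 0x11, page, 1));
    probe_failed(&s, 0x11);
    printf("jnz backward, after fail : %d\n", is_probeable(&s, 0x11, page, 1));
    printf("near call, after fail    : %d\n", is_probeable(&s, 0x17, page, 1));
    probe_timer_expired(&s);
    printf("jnz backward, after timer: %d\n", is_probeable(&s, 0x11, page, 1));
    return 0;
}
```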
Sector match logic

Command Bit | Bit Position | Meaning
----------- | ------------ | -------
D | 5 | … of DMA writes by clearing the DMU Enable flag
E | 4 | … of DMA writes by setting the DMU Enable flag
R | 3 | Reset all SMRs: clear all A and MPF bits and clear the DMU Overrun flag
A | 2 | Allocate an inactive SMR on a failed search
M | 1 | Allow MPF modifications
  | 0 | … MPF bit value to record on successful search (or allocation)

Commands

Action:
 . Inhibit modification of the MPF bit
 . Clear the corresponding MPF bit
 . Set the corresponding MPF bit

Segment descriptor layout (bit 63 down to bit 0): EN | PR | … | RWX | PAGE | … | LIMIT[19:0] | BASE[31:0]

Size | Bit(s) | Name      | Function
---- | ------ | --------- | --------
1    | 63     | SEG.EN    | enables segment limit/protection checking
1    | 62     | SEG.PR    | chooses which protection bits to use for page table protection (0 means PSW.UK or 1 means MISC.UK)
3    | 61:59  | SEG.AS    | address space (only used when SEG.PAGE is 0)
3    | 61:59  | SEG.EXT   | address space extension (only used when SEG.PAGE is 1)
3    | 58:56  | SEG.RWX   | read/write/execute means enabled - all 000 means it's an invalid segment
1    | 55     | SEG.PAGE  | enables the paging system (translation and checking)
1    | 54     | SEG.B     | segment size (1 means 32-bit, 0 means 16-bit)
1    | 53     | SEG.D     | segment direction (0 means expand up)
1    | 52     | SEG.G     | size of limit (1 means it's in 4k pages)
20   | 51:32  | SEG.LIMIT | segment limit
32   | 31:0   | SEG.BASE  | segment base



At code generation time:

Case 1, little optimization:
    If this load is optimized,
        mark the conventional descriptor to indicate that it must be cloned in the prolog
        emit a load through the descriptor to be cloned by the code emitted at 866, 868, whose Taxi optimized load bit 810 is One.
    else if the load is known to be (or believed to be) to non-well-behaved memory
        emit the load through the conventional segment descriptor used by the emulator, whose Taxi optimized load bit 810 is Zero.
    else
        choose a segment descriptor heuristically

Case 2, aggressive optimization enabled:
    If this load is optimized
        emit a load through the conventional segment descriptor used by the emulator, whose Taxi optimized load bit 810 is One.
    else if the load is known to be (or believed to be) to non-well-behaved memory
        mark the conventional descriptor to indicate that it must be cloned in the prolog
        emit the load through the descriptor to be cloned by the code emitted at 866, 868, whose Taxi optimized load bit 810 is Zero.
    else
        choose a segment descriptor heuristically

TAXi code prolog generation by TAXi translator

    For each native X86 segment descriptor:
        If this descriptor is marked to indicate that a cloned copy is required (reflecting both optimized and unoptimized references through this segment descriptor) then
            Emit code to copy one of the X86 segment descriptors to one of the segment descriptor registers reserved for TAXi code. The TAXi optimized load bit 810 of the segment descriptor is guaranteed to match TAXi_Control.tio 820
            Emit code to explicitly set the value of the cloned descriptor's TAXi optimized load 810 to the opposite value.

    Emit code to implement the translated hot spot of the X86 code



